When Southwest Washington Medical Center in Vancouver, Wash., introduced free wireless Internet access for patients and guests, it used a "defense-in-depth" strategy to address security issues, says Christopher Paidhrin, IT security compliance officer.
"Wi-Fi represents a low barrier for a knowledgeable attacker who wants to directly access a local area network," he says. "Wi-Fi can be a launch pad for targeted attacks. And most local network security controls are designed to address on-the-wire activity."

In an interview (transcript below), Paidhrin warns other healthcare organizations that "a poorly configured Wi-Fi security posture is an invitation to attack and abuse."